Distribution networks for goods or services comprise one or more platforms, also called network heads, which are essentially computer systems, PC or mainframe computers, responsible for creating messages, at the order of the operator in charge, each message being sent via a transmitter device to the various apparatuses subscribing to the network under consideration.
By way of example, if a user of one of the apparatuses wishes to access a product or a service such as a payment service, a telephone service, access to computer functions (bulletin board or software downloading), or access to encrypted television programs, the messages can include information relating to authorizing such access. Conversely, said platforms can also issue messages for removing previously-granted access rights, or even for modifying such rights, in particular after they have been extended to new products or services offered by the network to its subscribers.
The messages transmitted by the platforms are picked up by a receiver in each apparatus and then forwarded to a security module present in each apparatus. The purpose of the security module is to control access via the corresponding apparatus to the products or services distributed by the network.
The security modules, referred to herein as "access control modules", can be detachable from the apparatus, e.g. an electronic memory card or the like, or non-detachable therefrom, e.g. a security component.
Since the platforms allow the access rights of the apparatuses to the various goods or services of the network to be created, modified, or taken away, the messages issued therefrom must be completely secure.
To this end, in order to prevent any previously-recorded access-authorization message from being reissued to an apparatus by a pirate transmitter after access authorization has been taken away, diversification systems can be used, for example. Similarly, it is necessary to prevent a message intended for one apparatus from being diverted to another apparatus.
A known diversification system includes diversification data contained in each message created by the platforms, which data is combined by means of an encrypting algorithm with a secret key belonging to each platform, thereby enabling a message certificate or signature to be created. In order to prevent a message intended for one apparatus from being diverted to another apparatus, instead of using only the secret key of the platform in order to create the certificate, use is made of a diversified secret key resulting from another encrypting algorithm combining the secret key of the platform with an identification number of the access control module in the apparatus of interest ("destination apparatus").
Since the access control module of the destination apparatus for the message also knows both the secret key of the platform and the encrypting algorithm, it can in turn reconstruct the certificate and compare it with the transmission. If the comparison is positive, it can be concluded that the message was indeed intended for this apparatus and was not being diverted from another apparatus.
In this known diversification system, the diversification data must be a part of each message, and when there are two or more platforms, they must be synchronized, either by being connected to a single diversification-data generator which distributes diversification data on demand from the platforms, or by each having its own generator with reporting to the other generators for each message.
The diversification data can be a random number provided by a random number generator. In that case, and in order to avoid any message duplication, the access control modules must be able to store the random numbers of all of the messages that they receive, in order to be able to verify that a random number received has not been received previously, which would mean that the message has already been received. To do that, it is necessary to reserve a large amount of space in the access control module. For example, with each message having a 4-byte random number, 4000 reserved bytes are required for 1000 messages, that being half the memory space normally available in access control modules.
To remedy that drawback, the diversification data can be the serial number (or identification number) of the transmitted message, which serial number is generated by a message counter that increments by unity with each message transmitted by any of the platforms of the network. It thus suffices for the access control modules to store the number of the last message received and to verify that said number is greater than the previously received number.
However, a drawback to that system is that, in the event of unexpected stoppage, it is necessary to restart the counter from number 1, which would lead to any new message being rejected since it would be considered as a prior message and therefore as having already been received. In that case, a safeguard means would be for each access control module to store the numbers of all the messages received, but the problem thus arises of the cost of the safeguard.